CVE-2025-46320

Medium CVSS: 6.1

A cross-site scripting (XSS) vulnerability in a FileMaker WebDirect custom homepage could lead to unauthorized access and remote code execution. This vulnerability has been fully addressed in FileMaker Server 22.0.4 and FileMaker Server 21.1.7.

Vendor

Claris

Product

Filemaker Server

CWE

CWE-79

Yayın Tarihi

2026-02-24 21:16:18

Güncelleme

2026-02-25 16:47:08

Source Identifier

product-security@apple.com

KEV Date Added

Kategoriler

CWE-79 Filemaker Server MEDIUM Claris 2026

Referanslar

https://support.claris.com/s/answerview?anum=000049123&language=en_US

Benzer Kayıtlar

Medium

CVE-2025-46294

To enhance security, the FileMaker Server 22.0.4 installer now includes an option to disable IIS short filename enumerat…

Critical

CVE-2025-46295

Apache Commons Text versions prior to 1.10.0 included interpolation features that could be abused when applications pass…

Medium

CVE-2025-46296

An authorization bypass vulnerability in FileMaker Server Admin Console allowed administrator roles with minimal privile…